Microsoft confirms a new serious security hole in Windows 10

Microsoft has just confirmed the risk when hackers come into contact with systems equipped with Thunderbold ports to conduct 'Thunderspy' - physical intervention method on Thunderbolt port to write or read data in the machine even if the device has been is encrypted. This vulnerability occurs in hardware and cannot be fixed by software.

According to a Microsoft representative, an attacker who comes in direct contact with a Thunderbold-equipped computer can log in and steal, export unauthorized data or install malware. The advice given to users to avoid data theft is . 'buy a new computer'. Of course, not every device will work, but it must be a new security-enabled computer line, named Secured-core PC.

Björn Ruytenberg, a security researcher at Eindhoven University of Technology (EUT), discovered that the attacker said all the attacker needed to do the job was five minutes of exposure to the device. who noticed. Physical attacks on the machine are quite complicated, high risk and rarely occur but still exist in reality.

Previously, Intel has confirmed a new security hole on the Thunderbolt connection port that allows an attacker who has been in contact with a computer to edit the port control software to turn off the security feature. According to Forbes , nearly every computer with Thunderbolt port can be hacked, except for a few 2019-production devices (Secured-core PC) that have Kernel DMA protection enabled.

An Intel representative also said that the Thunderspy attacks simulated failures on systems equipped with the Kernel DMA security feature. 'Even if an attacker successfully copies the malicious version of Thunderbolt software to the machine, the Kernel DMA protection layer on the Secured-core computer can prevent all access via the Thunderbold port unless the hacker gets a password. device'.